The best way to handle this is with permissions. If you only remove the link then they may still be able to modify their profile by typing in the URL directly.
You can customize permissions in the tables/users/users.php file. You'll notice a getPermissions() method that looks something like:
- Code: Select all
function getPermissions(&$record){
if ( isAdmin() or ( $record and ($record->strval('username') == getUsername()))) {
$perms = Dataface_PermissionsTool::ALL();
} else {
$perms = Dataface_PermissionsTool::READ_ONLY();
}
$perms['new'] = 1;
return $perms;
}
Change it to:
- Code: Select all
function getPermissions(&$record){
/*
$app =& Dataface_Application::getInstance();
$del =& $app->getDelegate();
$perms =& $del->getPermissions($record);
*/
//if ( $record ) echo "Yes"; else echo "No";
//if ( $record and $record->val('username') ) echo "We have a username";
if ( isAdmin()) {
$perms = Dataface_PermissionsTool::ALL();
} else {
$perms = Dataface_PermissionsTool::READ_ONLY();
}
$perms['new'] = 1;
return $perms;
}